What Did Google’s Android Chief Say about Android’s Security?

by Istvan Fekete on February 28, 2014

Those who keep an eye on mobile security news may recall Kaspersky’s latest report stating that Android is targeted by 98% of mobile malware. From this perspective, it was a no-brainer to ask Google’s Android head, Sundar Pichai, at Mobile World Congress about malware, since he is responsible for all aspects of the world’s most popular smartphone platform. What was surprising was his frank answer, as heard by :

“We cannot guarantee that Android is designed to be safe, the format was designed to give more freedom. When people talk about 90 percent of malware for Android, they must of course take into account the fact that it is the most popular operating system in the world. If I had a company dedicated to malware, I would also be addressing my attacks on Android.”

Hearing that Android is not designed to be secure might shock some of us, especially now that the platform is used by more than 70% of all smartphone users across the globe.

But this isn’t all. Google has published a transcript of the MWC interview, which shows a totally different answer. In fact, the transcript seems to contradict FrAndroid’s report, in which Pichai is more than self-critical.

So what did Pichai say, exactly? According to the transcript published by Google, he pointed to the open nature of the platform, which gives the OS better scope for threat protection. You can read the transcript below:

“Sorry, the premise of the question is because Android is open, it has more security issues? Respectfully, I’m not sure that’s a correct premise of the question. Open platforms historically undergo a lot of scrutiny, but there are a lot of advantages to having an open source platform from a security standpoint. I would argue that it’s the best way for a platform to be secure, because every researcher in the world can inspect it, every developer in the world can inspect it, and I think that contributes a lot to Android security.”

But like every other piece of software, Android has its own flaws and problems. You may recall that Apple has recently patched a serious SSL/TSL flaw that allowed a man-in-the-middle attack.

So, in the end, we all know the facts: Android’s popularity and low built-in security level make the platform the target of most malware attacks. At least this is what security reports reveal, which are supposed to be objective.

As regards Google’s transcript and the FrAndroid report, it all boils down to trust. For those who are aware of the low security level of Android, however, the FrAndroid report may sound more convincing than the marketing pitch you’d expect from every head of software.

Did you like this post? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).